CVE-2026-29124 HIGH

CVE-2026-29124: Multiple SUID Root Binaries in `monitor` User Home Directory Leading to Potential Local Privilege Escalation

Vendor International Datacasting Corporation

Product SFX2100 Satellite Receiver

Weakness CWE-269

Published March 5, 2026

Last update March 5, 2026

View on NVD All CVEs

CVSS base score

8.6/10

Attack vector Local

Attack complexity High

Privileges required Low

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N

What the vulnerability does

01Description

Multiple SUID root-owned binaries are found in /home/monitor/terminal, /home/monitor/kore-terminal, /home/monitor/IDE-DPack/terminal-dpack, and /home/monitor/IDE-DPack/terminal-dpack2 in International Data Casting (IDC) SFX2100 Satellite Receiver, which may lead to local privlidge escalation from the `monitor` user to root

Key dates

02Disclosure timeline

March 5, 2026 CVE published

March 5, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2026-29124 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/269.html

Related vulnerabilities

Identifiers

CVE CVE-2026-29124

CWE CWE-269

CVSS 8.6 / HIGH

Affected versions